September 2002

Redwood City, Calif -- Securing a district network is no easy task, according to Clint Walker, Network Specialist at Sequoia Union High School District (SUHSD) in Redwood City, California. While others in the district are responsible for educating students on proper use, Walker makes sure that the resources are available and secure. In addition to the challenges that a typical business organization might face, schools have limited budgets, few personnel resources, a patchwork of systems, and very curious users.

Sequoia Union High School District (SUHSD) is located in the center of the San Francisco Peninsula in San Mateo County, California, and consists of four comprehensive high schools, a continuation high school, and an adult school. With over 2,500 computing devices across the enterprise, the 7,300 students and 700 staff members have access in all classrooms and throughout campus to network services.

Responsible Students
The first and most effective line of defense is to enlist students as network advocates. They are often the most sophisticated users in a community and share an interest in keeping the resources available.

"It's very easy to cause problems on an IP network," says Walker. "They could do it with a laptop and they don't. If one person breaks it, everyone suffers, and God forbid if they figure out who broke it!" Walker knows many of the students and they offer proactive support, notifying him if the network has problems.

According to District Technology Coordinator Robert Fishtrom, teachers model behavior for students and set the boundaries for ethical use. They need to monitor use to make sure that students do not go into chat rooms or to inappropriate sites. When teachers illegally copy software, students follow their example. In his instructional technology district workshops and university courses, Fishtrom preaches ethics and safety.

"I recommend that teachers have a set of bookmarks and a worksheet for an online lesson so that the time is constructive," says Fishtrom. "If you have a more directed exercise it's easier for the teacher to monitor. Also, students need to know when they use sources on the web, how to properly cite them."

Desktop Vulnerability
The next stop on the security tour is the desktop. Without staff to secure systems at the backend, a school district should invest in as much desktop security as possible. The most vulnerable place on the network is the logged in desktop when a teacher or authenticated user walks away. Automating backups, anti-virus software upgrades, monitoring, and other security measures provides some measure of prevention.

While Fishtrom is an advocate for technology in the classroom and the student-centered approach to teaching it offers, he is concerned that technology has become available faster than teachers have been educated to use it. "Teachers don't have time," he says. "Between aligning to standards and preparing for tests, technology has taken a back seat. Educating the teachers is where we will start improving security."

SUHSD is testing Altiris Vision software as a desktop management and security tool. With this software installed, teachers can take control of desktop screens to model lessons, shut off keyboards, blank out monitors, and even remove network access.

Data Security
As districts move to electronic storage of student records, testing information and other confidential data, they must protect the information from tampering, corruption, and theft. Like most districts, SUHSD operates a hybrid network across several campuses with a variety of operating systems, equipment, and software applications. A single program or technical solution will not protect their unique combination of equipment.

Technicians and programmers have customized the district's information systems to add layers of security from both external and internal threats. For example, a leading student information system uses an open format for the data files. If someone gains access to the directory, he or she can move the files into an excel spreadsheet and view or alter them. SUHSD programmers added an authentication system to verify users and protect the directories. They also customize their filtering software to prevent access to hacking sites.

The Human Condition
Although the district does not have a formal safety curriculum, they do have policies regarding student information and acceptable use. Student information cannot be published on the web without consent from the student and their parents. Pictures and names never appear together. The district does not allow chat, but they do enable student to access their own email accounts from the school district network. If students violate the acceptable use, they lose their privileges and are held accountable.

"Students are enthusiastic and savvy about technology because it is all around them and they want to know," says Walker. "When they see me working on stuff they come up and ask questions. I try to encourage them in a safe and positive way. I consider myself a lucky person to do what I do for a living. It's so much more fun than what most people do."